AMENDMENTS TO THE CLAIMS 



This listing of claims will replace all prior versions, and listings, of claims 
in the application: 

Listing of Claims: 



1 1 . (Currently Amended) A method for facilitating high speed network 

2 packet flow by fer- resolving conflicts between network service rules for network 

3 data traffic in a system where rule patterns with longer prefixes match before rule 

4 patterns with shorter prefixes, comprising: 

5 collapsing various operations related to managing network flows into a 

6 single flow classification and dispatch step; 

7 receiving a set of network service rules for network data traffic from 

8 multiple network services, wherein network service rules from different network 

9 services can possibly conflict; 

10 wherein each of the network service rules specifies, a filter that defines a 

1 1 prefix for a set of packets in the packet flow, and an action list that specifies one 

12 or more actions to be applied to the set of packets; 

13 identifying a conflict between a higher priority rule and a lower priority 

14 rule in the set of network service rules; and 

15 resolving the conflict by prepending an action list of the higher priority 

16 rule to an action list of a rule with a filter that defines a longer prefix ; and 

17 applying a consistent set of rules to a switching mechanism to facilitate 

18 packet flow management . 

1 2. (Original) The method of claim 1, wherein if the set of packets 

2 associated with the higher priority rule is equal to the set of packets associated 
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3 with the lower priority rule, resolving the conflict involves creating a new action 

4 list for the higher priority rule by prepending the action list of the higher priority 

5 rule to the action list of the lower priority rule. 

1 3. (Original) The method of claim 1, wherein if the set of packets 

2 associated with the higher priority rule is a superset of the set of packets 

3 associated with the lower priority rule, resolving the conflict involves creating a 

4 new action list for the lower priority rule by prepending the action list of the 

5 higher priority rule to the action list of the lower priority rule. 

1 4. (Original) The method of claim 1, wherein if the set of packets 

2 associated with the lower priority rule is a superset of the set of packets associated 

3 with the higher priority rule, resolving the conflict involves creating a new action 

4 list for the higher priority rule by prepending the action list of the higher priority 

5 rule to the action list of the lower priority rule. 



1 5. (Original) The method of claim 1, wherein if the set of packets 

2 associated with the lower priority rule intersects the set of packets associated with 

3 the higher priority rule, resolving the conflict involves: 

4 creating a new rule with a filter that defines the intersection of the set of 

5 packets associated with lower priority rule and the set of packets associated with 

6 the higher priority rule; and 

7 creating an action list for the new rule by prepending the action list of the 

8 higher priority rule to the action list of the lower priority rule. 

1 6. (Original) The method of claim 1, wherein prior to modifying a 

2 rule in the set of network service rules, the method further comprises cloning the 
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3 rule to ensure that potential conflicts with rules that appear later in the set of 

4 network service rules are not overlooked. 



1 7. (Original) The method of claim 1, wherein the priority of a given 

2 rule is based upon one or more of the following: 

3 a priority associated with a network service from which given rule 

4 originated; 

5 a count of the number of prefix bits specified by the filter for the given 

6 rule; and 

7 a time stamp indicating when the given rule was incorporated into the set 

8 of network service rules. 

1 8. (Original) The method of claim 1, wherein an action specified by a 

2 network service rule can include, but is not limited to: 

3 dropping a packet; 

4 gathering statistical information about the packet; 

5 controlling timer functions associated with the packet; 

6 modifying the packet; and 

7 passing the packet on. 

1 9. (Original) The method of claim 1 , wherein the multiple network 

2 services can include, but is not limited to: 

3 a firewall service; 

4 a service level agreement monitoring service; 

5 a load balancing service; 

6 a transport matching service; 

7 a failover service; and 

8 a high availability service. 
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1 10. (Currently Amended) A computer-readable storage medium storing 

2 instructions that when executed by a computer cause the computer to perform a 

3 method for resolving conflicts between network service rules for network data 

4 traffic in a system where rule patterns with longer prefixes match before rule 

5 patterns with shorter prefixes, the method comprising: 

6 collapsing various operations related to managing network flows into a 

7 single flow classification and dispatch step; 

8 receiving a set of network service rules for network data traffic from 

9 multiple network services, wherein network service rules from different network 

1 0 services can possibly conflict; 

1 1 wherein each of the network service rules specifies, a filter that defines a 

12 prefix for a set of packets in the packet flow, and an action list that specifies one 

13 or more actions to be applied to the set of packets; 

14 identifying a conflict between a higher priority rule and a lower priority 

15 rule in the set of network service rules; and 

16 resolving the conflict by prepending an action list of the higher priority 

17 rule to an action list of a rule with a filter that defines a longer prefix. 

1 11. (Original) The computer-readable storage medium of claim 10, 



2 wherein if the set of packets associated with the higher priority rule is equal to the 

3 set of packets associated with the lower priority rule, resolving the conflict 

4 involves creating a new action list for the higher priority rule by prepending the 

5 action list of the higher priority rule to the action list of the lower priority rule. 

1 12. (Original) The computer-readable storage medium of claim 10, 

2 wherein if the set of packets associated with the higher priority rule is a superset 

3 of the set of packets associated with the lower priority rule, resolving the conflict 
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4 involves creating a new action list for the lower priority rule by prepending the 

5 action list of the higher priority rule to the action list of the lower priority rule. 

1 13. (Original) The computer-readable storage medium of claim 10, 

2 wherein if the set of packets associated with the lower priority rule is a superset of 

3 the set of packets associated with the higher priority rule, resolving the conflict 

4 involves creating a new action list for the higher priority rule by prepending the 

5 action list of the higher priority rule to the action list of the lower priority rule. 



1 14. (Original) The computer-readable storage medium of claim 10, 

2 wherein if the set of packets associated with the lower priority rule intersects the 

3 set of packets associated with the higher priority rule, resolving the conflict 

4 involves: 

5 creating a new rule with a filter that defines the intersection of the set of 

6 packets associated with lower priority rule and the set of packets associated with 

7 the higher priority rule; and 

8 creating an action list for the new rule by prepending the action list of the 

9 higher priority rule to the action list of the lower priority rule. 

1 15. (Original) The computer-readable storage medium of claim 10, 

2 wherein prior to modifying a rule in the set of network service rules, the method 

3 further comprises cloning the rule to ensure that potential conflicts with rules that 

4 appear later in the set of network service rules are not overlooked. 

1 16. (Original) The computer-readable storage medium of claim 10, 

2 wherein the priority of a given rule is based upon one or more of the following: 

3 a priority associated with a network service from which given rule 

4 originated; 
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5 a count of the number of prefix bits specified by the filter for the given 

6 rule; and 

7 a time stamp indicating when the given rule was incorporated into the set 

8 of network service rules. 

1 17. (Original) The computer-readable storage medium of claim 10, 

2 wherein an action specified by a network service rule can include, but is not 

3 limited to: 

4 dropping a packet; 

5 gathering statistical information about the packet; 

6 controlling timer functions associated with the packet; 

7 modifying the packet; and 

8 passing the packet on. 

1 18. (Original) The computer-readable storage medium of claim 10, 

2 wherein the multiple network services can include, but is not limited to: 

3 a firewall service; 

4 a service level agreement monitoring service; 

5 a load balancing service; 

6 a transport matching service; 

7 a failover service; and 

8 a high availability service. 

1 19. (Currently Amended) An apparatus that resolves conflicts between 

2 network service rules for network data traffic in a system where rule patterns with 

3 longer prefixes match before rule patterns with shorter prefixes, comprising: 

4 a mechanism configured to collapse various operations related to 

5 managing network flows into a single flow classification and dispatch step; 
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6 a receiving mechanism configured to receive a set of network service rules 

7 for network data traffic from multiple network services, wherein network service 

8 rules from different network services can possibly conflict; 

9 wherein each of the network service rules specifies, a filter that defines a 

10 prefix for a set of packets in the packet flow, and an action list that specifies one 

1 1 or more actions to be applied to the set of packets; 

12 a conflict detection mechanism configured to identify a conflict between a 

13 higher priority rule and a lower priority rule in the set of network service rules; 

14 and 

15 a conflict resolution mechanism configured to resolve the conflict by 

16 prepending an action list of the higher priority rule to an action list of a rule with a 

17 filter that defines a longer prefix. 

1 20. (Original) The apparatus of claim 1 9, wherein if the set of packets 

2 associated with the higher priority rule is equal to the set of packets associated 

3 with the lower priority rule, the conflict resolution mechanism is configured to: 

4 create a new action list for the higher priority rule by prepending the action 

5 list of the higher priority rule to the action list of the lower priority rule; and to 

6 delete the lower priority rule. 

1 21. (Original) The apparatus of claim 1 9, wherein if the set of packets 



2 associated with the higher priority rule is a superset of the set of packets 

3 associated with the lower priority rule, the conflict resolution mechanism is 

4 configured to create a new action list for the lower priority rule by prepending the 

5 action list of the higher priority rule to the action list of the lower priority rule. 

1 22. (Original) The apparatus of claim 19, wherein if the set of packets 

2 associated with the lower priority rule is a superset of the set of packets associated 
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3 
4 
5 



with the higher priority rule, the conflict resolution mechanism is configured to 
create a new action list for the higher priority rule by prepending the action list of 
the higher priority rule to the action list of the lower priority rule. 



1 23. (Original) The apparatus of claim 19, wherein if the set of packets 

2 associated with the lower priority rule intersects the set of packets associated with 

3 the higher priority rule, the conflict resolution mechanism is configured to: 

4 create a new rule with a filter that defines the intersection of the set of 

5 packets associated with lower priority rule and the set of packets associated with 

6 the higher priority rule; and to 

7 create an action list for the new rule by prepending the action list of the 

8 higher priority rule to the action list of the lower priority rule. 



1 24. (Original) The apparatus of claim 1 9, wherein prior to modifying a 

2 rule in the set of network service rules, the conflict resolution mechanism is 

3 configured to clone the rule to ensure that potential conflicts with rules that appear 

4 later in the set of network service rules are not overlooked. 



1 25 . (Original) The apparatus of claim 1 9, wherein the priority of a 

2 given rule is based upon one or more of the following: 

3 a priority associated with a network service from which given rule 

4 originated; 

5 a count of the number of prefix bits specified by the filter for the given 

6 rule; and 

7 a time stamp indicating when the given rule was incorporated into the set 

8 of network service rules. 
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1 26. (Original) The apparatus of claim 19, wherein an action specified 

2 by a network service rule can include, but is not limited to: 

3 dropping a packet; 

4 gathering statistical information about the packet; 

5 controlling timer functions associated with the packet; 

6 modifying the packet; and 

7 passing the packet on. 

1 27. (Original) The apparatus of claim 19, wherein the multiple network 

2 services can include, but is not limited to: 

3 a firewall service; 

4 a service level agreement monitoring service; 

5 a load balancing service; 

6 a transport matching service; 

7 a failover service; and 

8 a high availability service. 
9 
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